[Infowarrior] - Vast Data Collection Plan Faces Big Delay

Tue Jan 16 23:36:22 EST 2007

Vast Data Collection Plan Faces Big Delay

By Ellen Nakashima
Washington Post Staff Writer
Wednesday, January 17, 2007; D01

<http://www.washingtonpost.com/wp-dyn/content/article/2007/01/16/AR200701160
1576_pf.html>

The Treasury Department reported to Congress yesterday that a
data-collection program to give counterterrorism analysts routine access to
as many as 500 million cross-border financial transactions a year could not
be implemented until 2010. The department had hoped to implement it by the
end of this year.

The Cross-Border Electronic Funds Transfer Program was part of the 2004
Intelligence Reform Act, and Congress directed the Treasury secretary to
determine if the program would be effective in tracking terrorist financing.
In a report to Congress to be released today, the Treasury Department
concluded that the program was technologically feasible and has value, but
said it needs to determine whether the counterterrorism benefit outweighs
banks' costs of compliance and to address privacy concerns.

The program is opposed by bankers, who view it as burdensome and invasive.

Unlike another Treasury program, which uses administrative powers that
bypass traditional banking privacy protections to tap into the vast global
database of transactions maintained by the Brussels-based Society for
Worldwide Interbank Financial Telecommunication, the cross-border plan is
the result of legislation sought by Treasury and would require congressional
oversight.

Both programs were inspired by the Sept. 11, 2001, terrorist attacks.

Banks and money services are required by law to keep records on all wire
transfers of $3,000 or more. The proposed program would mandate that each of
those transactions -- if they cross the U.S. border -- be reported to the
Treasury Department's Financial Crimes Enforcement Network (FinCEN).

The type of data captured would include the names and addresses of senders,
the amount and dates of the transfers, the names and addresses of the
beneficiaries and their financial institutions.

Treasury officials said in interviews and in the report to Congress that the
data would give analysts more information to ferret out illicit activity as
they try to detect links between suspects.

FinCEN said that Australia and Canada had used similar data effectively.
Australia has used it to catch tax evaders and predict the movement of drugs
into and out of the country. But those countries deal with much smaller
numbers of transactions.

Treasury receives more than 16 million currency transaction records and
suspicious activity reports a year from banks and other financial
institutions, which help officials track money launderers and terrorist
activity.

Bankers say the additional reporting requirement would be a tremendous
burden.

"We're talking about a volume of transactions that dwarfs anything that has
been done in the name of [financial regulatory reporting] up to now," said
Richard R. Riese, director of the American Bankers Association Center for
Regulatory Compliance.

Beyond the reporting burden, he said, privacy concerns are significant. "All
this information will now end up in the hands of the U.S. government for
them to sift through at their leisure without any apparent process to assure
that it is being used for the most significant national security
investigations," Riese said. He likened it to a "fishing expedition" --
"except that the government no longer has to go and put their hook in the
water. We have to give all the fish."

To streamline reporting, Treasury officials are recommending a "first in"
and "last out" system so that only a single U.S. financial institution --
the last one in a transfer out of the country, or the first one in a
transfer in -- would have to report each transaction.

"It's another example of the U.S. government's pattern of sweeping up
massive amounts of data that it can't possibly analyze, that is not likely
to have any significant security benefit, but does threaten privacy" -- that
of Americans and of foreigners doing business with Americans, said Barry
Steinhardt, director of the American Civil Liberties Union technology
project.

European officials, too, raised privacy concerns. "If the program affects
non-U.S. citizens, it should be developed in close cooperation with these
other countries," said Sophie in't Veld, a member of the European Parliament
from the Netherlands.

Stephen R. Kroll, former Democratic special counsel for the Senate Banking
Committee, said the statute "wasn't designed to require reporting of every
wire transfer that goes in and out of America -- both because that's
billions of transactions and because most of them are perfectly ordinary."

He said the law was designed to give the Treasury Department power for
"targeted data collection," aimed, for example, at a country where there is
known terrorist activity.

In an October interview, Robert W. Werner, who then was director of FinCEN,
said most of the data collected would be "commercial oriented" transactions
and "irrelevant" to FinCEN's mission to detect and prevent illicit activity.
"The key is to have a system that allows you to be able to pull the relevant
data without people worrying that irrelevant data is being browsed and used
inappropriately," he said.

FinCEN would also need to develop the technical capability to store and
analyze the information, the study noted. FinCEN is considering setting up a
"federated data warehouse" to store the data, which would be held separately
from other financial records data.

Officials said there would be strict rules to ensure that the data is not
shared inappropriately, including audit trails to check for improper access.
The program would be developed through a public rulemaking process over an
extended period, officials said.

"We know there will be costs. We believe there is value. How do those two
play out?" said Eric Kringel, senior policy adviser at FinCEN. He said that
as a regulatory body, FinCEN "would not want to proceed" without determining
if the benefit is worth the cost.

FinCEN has proposed taking a year to conduct a $1.1 million cost benefit
analysis. Implementation would cost $32.6 million and take 3 1/2 years,
officials said.